Landmark laws will give security agencies new powers to obtain the encrypted communications of criminal suspects. How far do the powers go? And what do they mean for you? Here's what you need to know.
Tagged With encryption
Despite a raft of 173 amendments being proposed, acknowledgement that the legislation is flawed and the opposition of almost every technical expert, the Australian government and opposition have passed the new Telecommunications and Other Legislation Amendment (Assistance and Access) though the House of Representatives and Senate last night. This is a striking blow to our cybersecurity and technology industry that will put the jobs of thousands of tech workers at risk and, in some cases, put them in a position where they could be jailed for not telling their bosses if they are creating backdoors into software at the request of government.
Within a few hours of publishing a story yesterday, whatever faith I had in the federal opposition was dashed. After saying the government's encryption legislation was on shaky ground, the soft underbelly of the opposition was exposed. With the government playing their "soft on terrorism" cards the opposition rolled over and said they would support the Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018 with a few modifications.
The government has been pushing hard to have their Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018 rushed to parliament, just a day after the joint parliamentary committee finishes reviewing the draft legislation and listening to experts on what the impacts, positive and negative, of the proposed laws might be. But will the new laws actually be passed?
While the Federal government continues to pursue its agenda of trying to convince tech companies to not give them a backdoor but provide access to encrypted communications - however that's meant to work - it's worth thinking about how law enforcement uses data today and why access to more data may not be the answer.
With all the brouhaha going on in Canberra recently, the draft of a piece of very important legislation was introduced along with an explanatory note. The Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018 might sound all soft and fluffy but it's anything but that. This is a piece of legislation that will compel IT companies that create encrypted systems to "assist" the government with access to encrypted communications.
You might know what a virtual private network (VPN) is, but the odds of you actually using one are low. You really should be using a VPN -- ultimately, you may end up seeing it as just as vital as your internet connection. We'll tell you why, explain how to choose a VPN provider and list five that are worth considering.
Breaking into devices that are protected with strong encryption has been a vexed issue for the government. While, on one hand it's easy to see the rationale for law enforcement wanting to access devices during criminal investigations, this needs to be balanced by the desire, or perhaps even right, for individuals to expect that their private communications and information remain private. But the government is pushing on with their legislative agenda, seeking to compel tech companies to help them access encrypted messages.
Earlier this month, Microsoft announced a number of new tools and protections for Office 365 that are designed to boost security for cloud users. This included new file recovery tools, password protection when sharing links over email and the ability to prevent a message from being forwarded (something I bet Claire Swire wish had existed back in 2000). Now, the promised email encryption feature is also being rolled out.
With the ongoing battle being waged between folks wanting to protect their privacy and governments that want to ensure they can access all our communications, just in case bad people want to do stuff, Russia recently upped the ante by banning the popular messaging app Telegram. The ban follows Telegram's developers refusing to hand over encryption keys. But the knock on effect is causing widespread havoc.
Over the weekend more excerpts and analysis from James Comey's book, "A Hughes Loyalty" hit the media. And while much of the coverage focusses on his descriptions of the US President and his government, there were some other tidbits in there. In particular, there are some comments Comey made comments regarding the disconnect been the FBI and tech community with regards to encryption. And those comments are important when it comes to legislation that is an advanced stage of development here.
The Minister for Home Affairs, Petter Dutton, has flagged that he plans to introduce legislation to the parliament that will compel companies that provide end-to-end encryption on products and services to decrypt communications and data when requested. But there seems to be a fundamental difference in understanding in how encryption works and how they think it works.
While WhatsApp boasts great end-to-end encryption of messages which is great for those who crave privacy - but a source of chagrin for many in the law enforcement community - it seems the messaging service is susceptible to attacks on user privacy. A research paper released at a security event this week describes how group chats can be leveraged by snoops.
We live in an era where ideas can turn into vast sums of money, and then disappear, in the blink of an eye. Many of today's start-ups start with a way of changing business process and then commercialise that idea. But Nir Gabay, the founder of El-Sight, focussed on solving a very specific problem. And his hardware solution has massive implications that go far beyond his original vision. EL-Sight's core product is a mobile digital video recorder (DVR) that can securely store and transmit data.